Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormChizuru ToyamaPACKETSTORM:175952
HistoryNov 28, 2023 - 12:00 a.m.

Loytec L-INX Automation Servers Information Disclosure / Cleartext Secrets

2023-11-2800:00:00
Chizuru Toyama
packetstormsecurity.com
181
loytec l-inx
automation servers
information disclosure
cleartext secrets
insecure permissions
improper access control
vulnerabilities
registry.xml
smtp client
dpal_config.zml
trend micro zdi
ics cert
public disclosure

AI Score

7.4

Confidence

Low

EPSS

0.002

Percentile

54.5%

JSON
`  
[+] CVE : CVE-2023-46386, CVE-2023-46387, CVE-2023-46388, CVE-2023-46389   
[+] Title : Multiple vulnerabilities in Loytec L-INX Automation Servers  
[+] Vendor : LOYTEC electronics GmbH  
[+] Affected Product(s) : LINX-151, Firmware 7.2.4, LINX-212, firmware 6.2.4  
[+] Affected Components : L-INX Automation Servers  
[+] Discovery Date : 01-Sep-2021  
[+] Publication date : 03-Nov-2023  
[+] Discovered by : Chizuru Toyama of TXOne networks  
  
  
[Vulnerability Description]  
  
CVE-2023-46386 : Insecure Permissions  
'registry.xml' file contains hard-coded clear text credentials for   
smtp client account. If an attacker succeeds in getting registry.xml file,   
the email account could be compromised. Password should be encrypted.  
  
CVE-2023-46387 : Improper Access Control  
'/var/lib/lgtw/dpal_config.zml' file is accessible via file download API.   
'dpal_config.wbx' which is extracted from 'dpal_config.zml' includes  
sensitive configuration information such as smtp client information.   
Authentication is required to exploit this vulnerability.  
http://<IP>:<port>/DT?filename=/var/lib/lgtw/dpal_config.zml  
  
CVE-2023-46388 : Insecure Permissions  
'dpal_config.wbx' file contains hard-coded clear text credentials for   
smtp client account. If an attacker succeeds in getting dpal_config.zml file,   
the email account could be compromised. Password should be encrypted.  
  
CVE-2023-46389 : Improper Access Control  
'/tmp/registry.xml' file is accessible via file download API.   
'registry.xml' includes device configuration information which includes  
sensitive information such as smtp client information. Authentication is  
required to exploit this vulnerability.  
http://<IP>:<port>/DT?filename=/tmp/registry.xml  
  
  
[Timeline]  
  
01-Sep-2021 : Vulnerabilities discovered  
13-Oct-2021 : Trend Micro ZDI (Zero Day Initiative) reported to vendor (no response)  
07-Oct-2022 : ICS CERT reported to vendor (no response)  
03-Nov-2023 : Public Disclosure  
  
  
  
`

Related

zdt 1
ics 1
prion 4
cve 4
nvd 4
cvelist 4
zdt
zdt
Loytec LINX Automation Servers Information Disclosure / Cleartext Secrets Vulnerability
2023-11-28 00:00:00
ics
ics
LOYTEC Electronics LINX Series
2024-09-03 12:00:00
prion
prion
Design/Logic Flaw
2023-11-30 23:15:00
Authentication flaw
2023-11-30 23:15:00
Remote file inclusion
2023-11-30 23:15:00
cve
cve
CVE-2023-46388
2023-11-30 23:15:07
CVE-2023-46386
2023-11-30 23:15:07
CVE-2023-46389
2023-11-30 23:15:07
nvd
nvd
CVE-2023-46386
2023-11-30 23:15:07
CVE-2023-46389
2023-11-30 23:15:07
CVE-2023-46388
2023-11-30 23:15:07
cvelist
cvelist
CVE-2023-46389
2023-11-30 00:00:00
CVE-2023-46386
2023-11-30 00:00:00
CVE-2023-46387
2023-11-30 00:00:00

AI Score

7.4

Confidence

Low

EPSS

0.002

Percentile

54.5%

JSON
Related for PACKETSTORM:175952
zdt1ics1prion4cve4nvd4cvelist4